[kernel-sec-discuss] r1071 - active

jmm at alioth.debian.org jmm at alioth.debian.org
Sun Dec 23 12:31:57 UTC 2007 

Author: jmm
Date: 2007-12-23 12:31:57 +0000 (Sun, 23 Dec 2007)
New Revision: 1071

Modified:
   active/CVE-2006-7051
   active/CVE-2007-3731
   active/CVE-2007-3740
Log:
more data from maks


Modified: active/CVE-2006-7051
===================================================================
--- active/CVE-2006-7051	2007-12-23 12:26:24 UTC (rev 1070)
+++ active/CVE-2006-7051	2007-12-23 12:31:57 UTC (rev 1071)
@@ -17,9 +17,10 @@
  dannf> Debian should probably "fix" this by suggesting a limit (ulimit -i)
         on the number of pending signals
  kees> Pending signals limit is now set by pam 0.99.x.
+ jmm> d02479bdeb1c9b037892061cdcf4e730183391fa
 Bugs: 
-upstream: 
-linux-2.6: 
+upstream: released (2.6.23-rc4)
+linux-2.6: released (2.6.23-1)
 2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch6) "no upstream patch"
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 

Modified: active/CVE-2007-3731
===================================================================
--- active/CVE-2007-3731	2007-12-23 12:26:24 UTC (rev 1070)
+++ active/CVE-2007-3731	2007-12-23 12:31:57 UTC (rev 1071)
@@ -18,9 +18,10 @@
 Notes: 
  dannf> Note that the description is somewhat misleading - I can reproduce
         on 2.6.18, so its not limited to 2.6.20 and 2.6.21
+ jmm> a10d9a71bafd3a283da240d2868e71346d2aef6f
 Bugs: 
-upstream: 
-linux-2.6: 
+upstream: released (2.6.23-rc1)
+linux-2.6: released (2.6.23-1)
 2.6.18-etch-security: released (2.6.18.dfsg.1-13etch3) [bugfix/ptrace-handle-bogus-selector.patch, bugfix/fixup-trace_irq-breakage.patch]
 2.6.8-sarge-security: 
 2.4.27-sarge-security: 

Modified: active/CVE-2007-3740
===================================================================
--- active/CVE-2007-3740	2007-12-23 12:26:24 UTC (rev 1070)
+++ active/CVE-2007-3740	2007-12-23 12:31:57 UTC (rev 1071)
@@ -10,6 +10,9 @@
  It was discovered that certain CIFS filesystem actions did not honor the
  umask of a process.  Local attackers could exploit this to gain additional
  privileges.
+ jmm> from maks:
+ jmm> 3ce53fc4c57603d99c330a6ee2fe96d94f2d350f v2.6.22-rc5
+ jmm> a8cd925f74c3b1b6d1192f9e75f9d12cc2ab148a v2.6.24-rc1
 Notes: 
 Bugs: 
 upstream: released (2.6.22-rc5) [3ce53fc4c57603d99c330a6ee2fe96d94f2d350f]

More information about the kernel-sec-discuss mailing list